Live chat
John Hancock.

Security Engineer

John Hancock. - Boston, MA

Security Engineer




Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference and a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.

Role *

Seeking high energy, self-starter to join as a Security Engineer on the Divisional Engineering team. Individual will be knowledgeable in many domains of security, will participate in planning, developing and implementing identity and access management solutions for supported Business Units specifically using ISAM as technology. Primary responsibility would be to focus on any integration development efforts, including hands on coding.

The Security Engineer will also work closely with the architecture team to assist in understanding application and information security strategy, engineering solutions and roadmaps. The Engineer will also partner with IRM and platform services in understanding divisional security standards and guidelines.

Accountabilities *

Work on implementation of IAM (Identity and Access Management) integration efforts by leveraging expert knowledge in ISAM tools and established integration patterns

Taking code development ownership to enable Business Unit integration with ISAM, develop any new integration components or update any existing components

Assist in root cause analysis on complex development and/or ISAM defects

Participate in divisional reference security architecture Implementation by implementing various UI components and APIs

Produce code assets in adherence to departmental standards.

Adhere policies and standards relating to supported tool processes and management and ensure policies are understood and followed by the organization.

Maintains currency of supporting technical and operational process documentation

Design and implement life cycle template, policies, analytic requirements, dashboards, reports and work with platform services to ensure high availability of system services in production.

Promote agile and continuous integration methodology for implementation efforts.

Proactively stay updated with industry developments, skills and technologies and share information, ideas and best practice with other development team members and divisions to improve skills and avoid single points of failure

Core Technical Skills *

2 - 3 Years working with IBM Identity and Access Management Tools (ISAM, TAM, TDI etc.) is must.

Experience integrating IBM’s identity management, access management and software into clients' infrastructure and applications.

Knowledge of security industry standards and best practices – NIST, CSA, CIS etc.

Expert knowledge of protocols underpinning the web - TCP/IP, HTTP, SSL/TLS, BGP, cybersecurity concepts covering network through application layers

Experience in the design and deployment of end user web access and control infrastructure

Experience securing mobile applications, how security is managed on Android, iOS and Windows mobile platforms.

Experience with virtual and cloud environments and various security protocols.

Understanding of security platforms, Proxy, End Point Protection, Web Application Firewall, Intrusion Prevention, Vulnerability Scanning, File Integrity Management, IAM Solutions

Understanding of enterprise infrastructure components – DNS, AD, Radius, Kerberos and PKI Management.

Expertise in Windows, Mac and/or Linux platforms.

Experience with remediating risks exposed by penetration testing and vulnerability scanning tools

Experience with one or more directories such as IBM, Oracle Directory Servers

Experience with one or more databases such as Oracle, IBM DB2 and MS SQL

Familiarity with federated identity and web services security concepts such as SAML and WS-Security

5 plus years’ experience with at least one of the following development environments/languages: J2EE, Java expert level C/C , .NET, C#, SQL or other structured programming tools working knowledge.

Scripting experience with JavaScript, Perl, Python, Powershell etc.

Versatile with technologies used for access and identity management and able to work with SMEs to develop helpful interfaces for user provisioning and access management.

Other Skills *

Tech savvy, strong analytical and problem solving skills, specifically the ability to navigate multiple complex systems simultaneously to respond to client inquiries

Excellent organizational and time management skills; ability to manage multiple priorities

Strong communication skills - verbal, written and presentation

Must be willing to take direction and work collectively within the team and/or independently with minimal supervision, with strong sense of ownership and accountability.

Qualifications *

Bachelor’s degree in Computer Science or equivalent work experience

5-7 years’ work experience, with 2-3 years of experience in developing, implementing information systems leveraging IBM’s security portfolio (TAM, ISAM, ISIM, FIM, TDI, TDS, LDAP and WebSphere).

3 plus years’ experience in supporting deployments in IBM Tivoli / Security Federated Identity Manager and Access Manager products (TFIM and ISAM)

Understanding of IBM security concepts and practices.

Prior working experience with financial services industry is a plus

About John Hancock Financial and Manulife *

John Hancock is a division of Manulife, a leading Canada-based financial services group with principal operations in Asia, Canada and the United States. Operating as Manulife in Canada and Asia, and primarily as John Hancock in the United States, our group of companies offers clients a diverse range of financial protection products and wealth management services through its extensive network of employees, agents and distribution partners. Assets under management and administration by Manulife and its subsidiaries were over $1 trillion (US$780 billion) as of June 30, 2017. Manulife Financial Corporation trades as MFC on the TSX, NYSE, and PSE, and under 945 on the SEHK. Manulife can be found at .

The John Hancock unit, through its insurance companies, comprises one of the largest life insurers in the United States. John Hancock offers and administers a broad range of financial products, including life insurance, annuities, investments, 401(k) plans, long-term care insurance, college savings, and other forms of business insurance. Additional information about John Hancock may be found at




*US Division IT


Security Engineer



Requisition ID:


Apply Now

Apply Now


9 days 16 hours ago

John Hancock.


Security Engineer John Hancock. - Boston, MA, United States


Location: Boston, MA

Company Profile:
we continue our tradition as a well established financial services leader by operating as the U.S. unit of Manulife Financial, a leading Canadian-based financial services group serving the financial needs of millions of customers in 22 countries and territories worldwide. Manulife Financial Corporation trades as 'MFC' on the TSX, NYSE and PSE, and under '945' on the SEHK.